5.5.2.2 Run !Emulate 


Make sure that the Archimedes has “seen” a copy of !65Tube and then double click on !Emulate 





If you are using a RISC OS 3 computer then this will start the 65Tube emulator in a task window. If you are 
using a RISC OS 2 then the emulator will start in a non-multitasking window. 


5.5.2.3 *CONVERT 


(C) SJ Rese 


rch 
are APASSHORDS into. ‘text file T.GenFile 
=| also makes T.pmap 





*CONVERT takes the existing "PASSWORDS file and converts it to text (T.GenFile) ready for merging 
with the changes in your mod-file. 
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5.5.2 A simple example 


The MDFS user management can all be performed from the Desktop. The requirements are as follows: 


!Edit on the icon bar 

A window open on to $.Sysprogs 

A window open on to $.Sysprogs.ModFiles 

A window open on to a directory containing !}65Tube 


Changes you wish to make to the password file are specified by simply creating a textfile using !Edit. This 
text file is called a ModFile as it specifies modifications to be made to the password file. 


The full procedure is as follows: 


Create a ModFile using !Edit 

Convert the existing password file to a textfile 

Merge in your changes as specified in the ModFile 

Generate a new password file 

Create/remove the directories of any users you have added/removed. 


5.5.2.1 Create a mod-file using !Edit 


ee inf ; 
a ee : y CREDIT="568"; + 
ithT 





Use !Edit to create a mod-file containing the changes you wish to make to the password file and then save 
this in the ModFiles sub-directory. Keeping mod-files is useful because they can be used to remove that 
batch of users some time in the future. 
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5.5 Password File Management System 
ary 
Batch mode Editor Documentation:- , 


5.5.1 Overview 

$.5.1.1 Memory Requirements 

§.5.2 A simple example 

9:5.2.1 Create a mod-file using !Edit 

§.5:2:2 Run !Emulate 

5.5.2.3 *CONVERT 

5.5.2.4 *MERGE 

§.5.235 *GENERATE 

5.5.2.6 *EXEC !makdir 

5.5.3 *CONVERT : Converting the existing password file 
5.5.4 *MERGE and the mod-file 

5.5.4.1 !makdir and !remdir 

$5.5 *GENERATE : Generating a new password file 
5.5.6 Keywords 

5.5.7 Mod-file Examples 

5.5.8 Warnings and Errors *? 
§.5.9 Formal File Definition 

5.5.10 Known Problems 


§.5.1 Overview 


The password file management system software consists of the following programs, all of which are found 
in the directory $ . SYSPROGS of the release disc:- 


a) The batch mode editing suite: 
CONVERT (Machine code program) 
MERGE (Machine code program) 
GENERATE (Machine code program) 
b) The interactive editors: 
QEDIT (BASIC program) 
ARCPASS (BASIC program) 
ARCPASS/EDITPASS (Archimedes/BBC BASIC programs) 


The directory structure is shown thus:- 


$ 


+ 


LIBRARY SYSPROGS BOOT 


GenFile Intl PassTxt Pmap 


Issue 1.17 December 1992 5-10 SJ 


General Suggestions 


If the password file is fairly small then EDITPASS can be used. If an Archimedes is available then 
ARCPASS can be used (on virtually all sizes of password file). If the file is too big for EDITPASS then 
QEDIT can be used, subject to the limitations of QEDIT itself. 


If a large number of users are being added or modified, then, whether the password file is large or small, we 
recommend that you use the batch mode editor. For extra security the batch mode system should be used 
off-site. 


Temporary files created by the batch mode editor 


There are a number of temporary files used by the batch mode editor which are all held in the directory T. 
T.GENFILE and T.INT1 should be deleted (for security reasons) after a session has finished. The files are:- 


T.GENFILE T.PMAP T.INT1 T.PASSTXT 
T.INT1 and T.PASSTXT are temporary files created and used only by *MERGE. The latter is the updated 
version of T.GENFILE and is normally *RENAMED as this before MERGE exits. However, if MERGE 


fails it is possible that both T.GENFILE and T.PASSTXT will remain. Thus T.PASSTXT may be deleted at 
any time (except while MERGE is actually running). 


There also are two files created by *MERGE that will require be to *EXECed by the user, which are:- 


Imakdir !'remdir 
5.5.1.1 Memory Requirements 


32-Bit RISC OS Computers 


The *CONVERT, *MERGE and *GENERATE suite of programs will run on any RISC OS saaphicistet with 
. the aid of the !65Tube application. !65Tube is wi pee on the RISC OS 3 applications disc. 


8-Bit BBC Computers 


*MERGE requires HIMEM at &7C00 or greater. On a BBC microcomputer without shadow RAM, MODE 
7 is required (and will automatically be selected if this is not already the case). If HIMEM is less than 
&7C00 and you have shadow RAM, MODE 131 will automatically be selected. 


N.B. If HIMEM is less than &7CO00 and you load *MERGE, you will see the program being loaded into the 
screen. Normally, this does not matter because the first thing that the program does is to change to a 
different mode. However, if you in addition have *OPT 1 1 set, there is a fair chance that the text printed by 
the OS will actually overwrite the loaded program, which will then crash. 


You are therefore warned against using *OPT 1,1. 
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The existing BBC Microcomputer EDITPASS program restricts the size of the password file to the size of 
the memory in the local computer, and this typically allows around 200 users. The ARCPASS program for 
an Archimedes allows about 7000 users. The batch mode editor and QEDIT are a means of editing large 
password files on standard BBC microcomputers. ~ 


QEDIT is a version of EDITPASS which allows the password file to be edited on a user-by-user basis. The 
password file is not held in the local computer; individual user entries are modified and then written back to 
the password file directly, so the restriction on file size is removed. However, QEDIT does not allow you to 
insert or remove users, or to change the URD or LIB strings. 


With the batch mode editor, the system manager prepares a text file (the mod-file) containing instructions for 
modifying the password file. The commands available can be very powerful; for instance, the system can 
automatically allocate a spare account number, create the appropriate user directory, set its account number 
and credit that account. The same process can be repeated automatically, so with little more than a list of 
names, an entire class can be entered onto the system in a matter of minutes. 


The batch mode editor uses a three-stage process: *CONVERT converts the (machine-readable) password 
file PASSWORDS into a (human-readable) text file. *MERGE combines this with the mod-file to produce 
another text file. *GENERATE converts this text file back into a machine-readable format file, which it 
then installs on the appropmiate disc. 


The process is shown in the diagram below:- 


(Optional) 
Create riew mod-file 


*MERGE 
Reads: T.GenFile 
mod-file 



























*CONVERT 
Reads: “PASSWORDS 
Creates: -T.GenFile 


*GENERATE 
Reads: T.GenFile 
Modifies: PASSWORDS 







T.Pmap T.Pmap 
Modifies: T.GenFile 

T.Pmap 

Creates: !makdir 

, !remdir 






Important 


Since all of the passwords are stored in the text files, it is very important that only the system manager has 
access to them, and they should be treated with as much respect as "PASSWORDS itself. Each of the 
programs protects the machine from remote network operations to stop unauthorised people being able to 
read the files, but security is only as good as the system manager makes it. The T directory should be set to 
Private (*ACCESS T +P). Only “PASSWORDS is protected by the key: the other files are only 
protected by the main file access controls. 


Off-line / Off-site Operation 


An advantage of the batch mode editor is that it can be run off-site using a local disc filing system (DFS or 
ADFS), thus reducing the risks of security breaches. *CONVERT is mn (on the network), T. GENFILE and 
T.PMAP are copied onto local disc: the network copies should then be deleted. All the edits (i.e. preparing 
mod-files and running *MERGE) can then be done whilst the computer is disconnected from the network. 
T.GENFILE, !makdir and !remdir are copied back onto the file server, and *GENERATE is run. 
T.GENFILE should then be deleted from the file server. 
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<USERNAME> gives the user identifier logged on at the station that originated the print job. No 
leading spaces are printed. 


<STATION> gives the number of the station that originated the print job. The station number is 
printed with leading zeros and with the network number (if the station was on a 
different network), but no leading spaces are printed. For example, station 2 on the 
local network will be printed as 002, but station 43 on network 7 is printed as 
007.043. 


<BANNER> The delimiter between the end-text (which should appear in the file first) and the 
banner proper. See description above for full details. 


<B> is a synonym for <BANNER>. 
<MARK> gives a reference point for <TAB> (see below). 
<TAB nnn> pads out to a position nnn spaces from the last <MARK> identifier. There must be 


one space (only) between the word TAB and the number. If no <MARK> has been 
given, this command pads out to a position nnn spaces from the beginning of the 
text. Note that a carriage return does not reset the value of <MARK>, and that only 
the least significant byte of nnn is read. <TAB 0> is illegal: the instruction will be 
ignored and the word.<TAB 0> will be printed. If the number after TAB is less than 
the current character position, then the tab will move to the position 256+nnn. 


Note that all the special symbols are enclosed in angle brackets <>. Unrecognised special symbols will be 
printed literally. 


Control characters may be sent to the printer either by direct inclusion in the banner file (if your editor 
allows this), or by use of the ‘I’ character: , 


| introduces a ‘control’ character, e.g. |A inserts <ctrl-A>. 
|? inserts ASCII character &7F (delete). 
. |! inserts the next character with &80 added (i.e. top bit set). 
|< or |> inserts characters < or >. 
|| prints the ‘I’ character itself. 
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6.3.2.1 Table of standard characters 


The following table shows, for each possible character code, a sequence of characters that can be inserted in 
a banner file to produce that code. In all cases except characters 60, 62 and 124, the same effect can be 
achieved by inserting the character values directly: the advantage of using these sequences is that the 
resulting banner file can be inspected with *TYPE or a standard text editor. 
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6.3.2.2 Creating the Banner File 


To create suitable files, there are 3 possible methods: 


i Use the *BUILD command (documented in Section 3.3). This is the simplest method, 
but does not allow a single line with more than 255 characters. If this is going to be a 
problem, then use method 2 or 3. 


2. Write a short BASIC program that calls *SPOOL <file name>, then outputs the required 
text using PRINT, then closes the file using *SPOOL on its own. For example: 


10 *SPOOL BannerFile 
20 PRINT "|L<BANNER> | N<USERNAME> <USERNAME > <USERNAME> 
<USERNAME> <USERNAME> |M|J"; 
30 PRINT "<START><H>:<M>:<S> on the <DATE><ST> of <MONTHNAME> 
19<YEAR>|T|M[J"; . 
40 *SPOOL 
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